Reputation: 71
java.io.IOException: No X-Jenkins-CLI2-Port (jenkins cli not working )
I'm trying to run the following command:
java -jar jenkins-cli.jar -s http://jenkins_URL/ --username myusername --password mypassword help
But I'm getting the error :
java.io.IOException: No X-Jenkins-CLI2-Port among [null, X-Required-Permission, X-Jenkins, X-You-Are-In-Group, X-Hudson, Content-Length, Expires, X-You-Are-Authenticated-As, X-Permission-Implied-By, Set-Cookie, Server, X-Content-Type-Options, Date, X-Jenkins-Session, Content-Type] at hudson.cli.CLI.getCliTcpPort(CLI.java:284) at hudson.cli.CLI.(CLI.java:128) at hudson.cli.CLIConnectionFactory.connect(CLIConnectionFactory.java:72) at hudson.cli.CLI._main(CLI.java:473) at hudson.cli.CLI.main(CLI.java:384) Suppressed: java.io.IOException: Server returned HTTP response code: 403 for URL: http://52.9.217.252:8888/cli at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1628) at hudson.cli.FullDuplexHttpStream.(FullDuplexHttpStream.java:78) at hudson.cli.CLI.connectViaHttp(CLI.java:152) at hudson.cli.CLI.(CLI.java:132) ... 3 more
my config.xml file
<?xml version='1.0' encoding='UTF-8'?>
<hudson>
<disabledAdministrativeMonitors/>
<version>1.0</version>
<numExecutors>2</numExecutors>
<mode>NORMAL</mode>
<useSecurity>true</useSecurity>
<authorizationStrategy class="hudson.security.FullControlOnceLoggedInAuthorizationStrategy">
<denyAnonymousReadAccess>false</denyAnonymousReadAccess>
</authorizationStrategy>
<securityRealm class="hudson.security.HudsonPrivateSecurityRealm">
<disableSignup>true</disableSignup>
<enableCaptcha>false</enableCaptcha>
</securityRealm>
<disableRememberMe>false</disableRememberMe>
<projectNamingStrategy class="jenkins.model.ProjectNamingStrategy$DefaultProjectNamingStrategy"/>
<workspaceDir>${ITEM_ROOTDIR}/workspace</workspaceDir>
<buildsDir>${ITEM_ROOTDIR}/builds</buildsDir>
<jdks/>
<viewsTabBar class="hudson.views.DefaultViewsTabBar"/>
<myViewsTabBar class="hudson.views.DefaultMyViewsTabBar"/>
<clouds/>
<scmCheckoutRetryCount>0</scmCheckoutRetryCount>
<views>
<hudson.model.AllView>
<owner class="hudson" reference="../../.."/>
<name>All</name>
<filterExecutors>false</filterExecutors>
<filterQueue>false</filterQueue>
<properties class="hudson.model.View$PropertyList"/>
</hudson.model.AllView>
</views>
<primaryView>All</primaryView>
<slaveAgentPort>-1</slaveAgentPort>
<label></label>
<crumbIssuer class="hudson.security.csrf.DefaultCrumbIssuer">
<excludeClientIPFromCrumb>false</excludeClientIPFromCrumb>
</crumbIssuer>
<nodeProperties/>
<globalNodeProperties/>
</hudson>
Upvotes: 6
Views: 4844
Answers (4)
Reputation: 166919
If you're not clear why it fails, run under strace/dtruss debugger, e.g.
$ strace -fs1000 -e trace=network java -jar jenkins-cli.jar -s http://localhost:8080/ help
If you've got:
HTTP/1.1 403 No valid crumb was included in the request
error, then you need to either provide crumb in the request, or disable CSRF Protection.
Using Jenkins CLI it's not working yet when the crumb issuer is enabled, so you can use curl instead. For example (replace localhost with your Jenkins address):
- Note your user API Token (
/user/USER/configure). Get your crumb:
CRUMB=$(curl -s 'http://USER:TOKEN@localhost:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')Invoke some command (e.g. list the jobs):
curl -H $CRUMB http://USER:TOKEN@localhost:8080/api/json
Related: Jenkins REST API Create job
Upvotes: 0
Reputation: 31
For those looking on how to make this work programatically (unattended). You have to change
<jenkins.CLI>
<enabled>false</enabled>
</jenkins.CLI>
to
<jenkins.CLI>
<enabled>true</enabled>
</jenkins.CLI>
in /var/lib/jenkins/jenkins.CLI.xml and restart jenkins
Upvotes: 2
Reputation: 85
There is an official solution at the Jenkins Wiki Page for CLI.
The solution is
- Go to Manage Jenkins (in the Jenkins UI)
- -> Configure Global Security
- -> "TCP port for JNLP agents": choose fixed or random
Upvotes: 6
Reputation: 570
To be sure it's not an username and/or password error change this line:
<denyAnonymousReadAccess>true</denyAnonymousReadAccess>
into:
<denyAnonymousReadAccess>false</denyAnonymousReadAccess>
in your config.xml file.
Now you can connect to your jenkins interface to debug your credentials
Don't forget to reset it to true.
Upvotes: 1
Related Questions
- Jackson with JSON: Unrecognized field, not marked as ignorable
- How to configure port for a Spring Boot application
- How do I schedule jobs in Jenkins?
- Error "The input device is not a TTY"
- How to get the current working directory in Java?
- The docker container doesn't working Kubernetes Plugin jenkins
- Eclipse/Java code completion not working
- Jenkins CLI empty response
- How to fix 'java.io.IOException: HTTP full-duplex channel timeout' while running jenkins cli?